﻿//=====================================================
// Copyright © 2017-2018 xuxuzhaozhao
// All rights reserved
// GUID: f4f9a402-e790-4519-bdac-aae6617727dc
// CLR版本: 4.0.30319.42000
// 命名空间名称: xuxuzhaozhao.Blog.Web.Authorize
// 文件名: XuAuthorizeAttribute
// 当前系统时间: 2017/11/7 16:24:44
// 当前登录用户名: xuxuzhaozhao
//======================================================

using System.Web;
using System.Web.Mvc;
using System.Web.Security;

namespace xuxuzhaozhao.Blog.XuAuthorize
{
    public class XuAuthorizeAttribute : AuthorizeAttribute
    {
        /// <summary>
        /// 在过程请求授权时调用。
        /// </summary>
        /// <param name="filterContext"></param>
        public override void OnAuthorization(AuthorizationContext filterContext)
        {
            var current = HttpContext.Current;
            if (current.User.Identity.IsAuthenticated)
            {
                XuUser user = new XuUser(current.User.Identity.Name);
                current.User = user;
            }
            else
            {
                FormsAuthentication.SignOut();
                filterContext.Result = new EmptyResult();
                throw new System.Exception("无权操作！或当前登录用户已过期！\\n请重新登录或与管理员联系！");
            }
        }
    }
}